The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Sunday, April 15, 2007
The Washtington Post is reporting that the US Department of Education's national database of student loan recipients is being trolled for illegitimate purposes by authorized users. This has apparently been a problem for over four years.
Lenders Misusing Student Database - washingtonpost.com....The database, known as the National Student Loan Data System, was created in 1993 to help determine whether students are eligible for student aid and to assist in collecting loan payments. About 29,000 university financial aid administrators and 7,500 loan company employees have access to it.
In a recent meeting with university financial aid directors, Theresa S. Shaw, chief operating officer of the department's Office of Federal Student Aid, which manages the database, said lenders have been mining it for student data with increasing frequency, according to three participants at the meeting. In the department's hierarchy, Shaw ranks above Fontana.
"She said the data mining had gotten out of control, and they were trying to tone it down," said Eileen K. O'Leary, director of student aid and finance at Stonehill College in Massachusetts, who was at the Feb. 26 session. "They'd seen the mining for a few years, but now they felt it had grown exponentially."
The department first started noticing a problem in mid-2003 when loan consolidation became more popular, according to an agency official who spoke on condition of anonymity because of the sensitivity of the matter. As companies began to aggressively look for low-risk borrowers to target for consolidation plans, they turned to the database for prospective customers, the official said.
The article says thousands of users have had their privileges revoked after security reviews showed abuse.
Assuming that it really is necessary to allow private sector players to have access to this database in the first place, perhaps prosections under the Computer Fraud and Abuse Act would get users' attention.
Labels: privacy
The Canadian Privacy Law Blog is licensed under a
Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.